So each user has to log in, run Spywareblaster and enable all the (new) protections. I guess the easy way where the administrator does not know the other passwords is for him to put the program into their "Startup" directory and tell them what to do.